Originally reported by The Hacker News, SANS ISC, MSRC Security Updates
TL;DR
A supply chain attack targeting security scanners has expanded beyond initial reports and been added to CISA's Known Exploited Vulnerabilities catalog. Meanwhile, critical vulnerabilities in popular AI frameworks LangChain and LangGraph could expose sensitive data, and state-sponsored groups continue targeted espionage campaigns.
The TeamPCP supply chain campaign has been added to CISA's KEV catalog, indicating confirmed active exploitation of vulnerabilities affecting security tools across multiple organizations.
The TeamPCP supply chain campaign, initially targeting Checkmarx security scanners, has expanded beyond its originally reported scope, according to SANS ISC researchers. The campaign, which began with initial access on February 28 and culminated in the March 24 LiteLLM PyPI compromise, has now been added to CISA's Known Exploited Vulnerabilities catalog.
Detection tools are now available for organizations to assess their exposure to this campaign, which turned security scanners into attack vectors against their own users.
Security researchers have identified three vulnerabilities in LangChain and LangGraph, widely used frameworks for building Large Language Model applications. The flaws could allow attackers to access filesystem data, environment secrets, and conversation history from applications built on these platforms.
Given the rapid adoption of AI frameworks in enterprise environments, these vulnerabilities present significant risk to organizations deploying LLM-powered applications without proper security controls.
China-linked threat group Red Menshen (also known as Earth Bluecrow) has conducted a long-term espionage campaign embedding stealthy BPFDoor implants within telecommunications networks. The strategic positioning allows persistent access to government networks through critical infrastructure compromise.
Separately, pro-Ukrainian group Bearlyfy has targeted over 70 Russian companies since January 2025, deploying custom GenieLocker ransomware as part of their dual-purpose operations aimed at maximum business disruption.
Anthropic’s Claude Chrome Extension contained a zero-click cross-site scripting vulnerability that allowed malicious websites to inject prompts into the AI assistant without user interaction. Koi Security researcher Oren Yomtov disclosed the flaw, which has since been patched by Anthropic.
Microsoft has published information for multiple CVEs affecting various components:
CVE-2025-66413: Git for Windows NTLM hash leak vulnerability
CVE-2026-28753: NGINX ngx_mail_proxy_module vulnerability
CVE-2026-3549: ECH parsing heap buffer overflow
CVE-2026-33412: Vim command injection via newline in glob()
CVE-2026-33228: flatted prototype pollution via parse()
CVE-2026-33515: Squid ICP message handling issues
CVE-2026-4647: Binutils out-of-bounds read in XCOFF relocation processing
Additional kernel and system-level CVEs were also disclosed, including fixes for btrfs, f2fs, and networking components.
Security analysts note that rising geopolitical tensions increasingly manifest through cyber operations, with technology itself becoming politicized. The current threat landscape reflects a shift from the post-1945 stability period, with cyber warfare now preceding or reflecting broader geopolitical conflicts.